---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: dashboard
spec:
  replicas: 1
  selector:
    matchLabels:
      name: dashboard
  template:
    metadata:
      labels:
        name: dashboard
        app: dashboard
        service: web
      name: dashboard
    spec:
      containers:
        - args:
            - "-provider=openshift"
            - "-openshift-service-account=monitor-dashboard-web"
            - "-upstream=http://localhost:3000"
            - "-client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token"
            - "-cookie-secret=9876543210"
            - "-tls-cert=/etc/tls/private/tls.crt"
            - "-tls-key=/etc/tls/private/tls.key"
            - "-pass-basic-auth=false"
            - "-skip-auth-regex=(public|api/snapshots/.+|dashboard/snapshot/.+)"
          image: registry.hub.docker.com/openshift/oauth-proxy:latest
          name: oauth-proxy
          ports:
            - containerPort: 8443
          volumeMounts:
            - mountPath: /etc/tls/private
              name: grafana-tls    
        - env:
            - name: GF_INSTALL_PLUGINS
              value: "grafana-clock-panel,simpod-json-datasource,grafana-googlesheets-datasource"
            - name: GF_AUTH_BASIC_ENABLED
              value: 'true'
            - name: GF_AUTH_PROXY_ENABLED
              value: 'true'
            - name: GF_AUTH_PROXY_HEADER_NAME
              value: X-Forwarded-User
            - name: GF_AUTH_PROXY_HEADER_PROPERTY
              value: username
            - name: GF_AUTH_PROXY_AUTO_SIGN_UP
              value: 'true'
            - name: GF_AUTH_DISABLE_LOGIN_FORM
              value: 'false'
            - name: GF_SECURITY_ADMIN_PASSWORD
              value: 'nbusr123'
            - name: GF_SECURITY_ADMIN_USER
              value: 'admin'
            - name: GF_USERS_ALLOW_SIGN_UP
              value: 'false'
            - name: 'GF_USERS_AUTO_ASSIGN_ORG_ROLE'
              value: 'Admin'
            - name: 'V'
              value: '13'
          image: registry.hub.docker.com/grafana/grafana:latest
          name: dashboard
          ports:
            - containerPort: 3000
          volumeMounts:
            - mountPath: /etc/grafana/provisioning/notifiers
              name: grafana-notifiers
            - mountPath: /etc/grafana/provisioning/datasources
              name: grafana-datasources
            - mountPath: /etc/grafana/provisioning/dashboards
              name: grafana-dashboards-provision
            - mountPath: /var/lib/grafana/dashboards
              name: grafana-dashboards
      serviceAccountName: monitor-dashboard-web
      volumes:
        - name: grafana-tls
          secret:
            secretName: grafana-tls
        - configMap:
            name: grafana-datasources
          name: grafana-datasources
        - configMap:
            name: grafana-dashboards-provision 
          name: grafana-dashboards-provision
        - configMap:
            name: grafana-notifiers 
          name: grafana-notifiers
        - configMap:
            name: grafana-dashboards
          name: grafana-dashboards